Access Control Systems-101
Access control systems have gained much popularity in the last few years. Data and building security is a factor that companies all around the world are worried about. A leak in data security would mean access to all confidential files of your company by anyone who knows how to use a computer. A flaw in building security could result in destruction of property leading to a loss of millions of dollars or even loss of life. One cannot afford to take security lightly. Allow me to introduce you to data center access control systems.
What is it?
Access control is a system which enables you to exercise a control over who or what is allowed to interact with a resource. The interaction can be permission to see records, billing machines, databases or even your data center. Simply put, you need to possess the right clearance or reason to access any secure important, confidential, or sensitive information and equipment. The basic function of access control system is to protect and prevent unauthorized access to the resources and misuse of the same.
There are different types of access control systems for physical access and computer access. Let me walk you through it just so that you can understand the basic workings of the system and don’t get arrested for being ignorant.
o Physical Access control system– Here, credentials for access is presented to a reader which compares the information with the access control list and grants or denies permission to access. It also keeps a log of the same. In case of unauthorized access, the control panel will trigger the alarm and will land you in hot soup if you don’t have a justifiable reason.
- Computer access control system: This system has three stages i.e. authentication, authorization and audit. Identification and authentication of the access request is done by user ids and passwords linked to various sites and servers. Access control does the identification and authentication to determine who can log on to a system. The system authorization access determines what a subject can do and to what level. The system accountability identifies what a subject did i.e. keeping a log of the actions and events.
Access control models are categorized into discretionary or non- discretionary. The three most commonly known models are Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role Based Access Control (RBAC).
· Discretionary access control (DAC) is access controlled by the owner and only the owner decides who and when one can access the system.
· Mandatory access control (MAC) is usually used in places were highly sensitive information is protected and access to such places is only allowed if someone is assigned to.
· Role based access control (RBAC) is used in multi-level security and commercial applications. In this the access is determined only by the system.
Access control system helps in protecting unauthorized disclosure and disruption of the data. It protects from letting the attacker control the services and inserting false services into the system. If you still do not have an access control system to monitor the traffic into your data center, it’s about time you consider to install one.
Some of the companies specialize in proving access control systems to data centers. Companies like Honeywell offer services all over the world.
Data Center Talk updates its resources everyday. Visit us to know of the latest technology and standards from the data center world.
Please leave your views and comments on DCT Forum.